package com.dnxh.config;

import com.dnxh.constant.CommonConstant;
import lombok.extern.slf4j.Slf4j;
import org.apache.shiro.web.filter.authc.BasicHttpAuthenticationFilter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.http.HttpStatus;
import org.springframework.web.bind.annotation.RequestMethod;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.util.List;

/**
 * @Author 枳湫
 * @Time 2022/4/6 12:52
 * @Describe Basic_jar
 **/
@Slf4j
public class JwtFilter extends BasicHttpAuthenticationFilter {
	
	@Override
	protected boolean isAccessAllowed (ServletRequest request, ServletResponse response, Object mappedValue) {
		if (isLoginAttempt (request,response)){
			try {
				executeLogin (request,response);
				return true;
			} catch (Exception e) {
				e.printStackTrace ();
			}
		}
		return true;
	}
	
	@Override
	protected boolean isLoginAttempt (ServletRequest request, ServletResponse response) {
		HttpServletRequest req = (HttpServletRequest) request;
		return req.getHeader (CommonConstant.TOKEN) != null;
	}
	
	@Override
	protected boolean executeLogin (ServletRequest request, ServletResponse response) throws Exception {
		HttpServletRequest req = (HttpServletRequest) request;
		String token = req.getHeader (CommonConstant.TOKEN);
		JwtToken jwtToken = new JwtToken (token);
		getSubject (request,response).login (jwtToken);
		return true;
	}
	
	@Override
	protected boolean preHandle (ServletRequest request, ServletResponse response) throws Exception {
		HttpServletRequest httpServletRequest = (HttpServletRequest) request;
		HttpServletResponse httpServletResponse = (HttpServletResponse) response;
		httpServletResponse.setHeader("Access-control-Allow-Origin", httpServletRequest.getHeader("Origin"));
		httpServletResponse.setHeader("Access-Control-Allow-Methods", "GET,POST,OPTIONS,PUT,DELETE");
		httpServletResponse.setHeader("Access-Control-Allow-Headers", httpServletRequest.getHeader("Access-Control-Request-Headers"));
		//跨域时会首先发送一个option请求，这里我们给option请求直接返回正常状态
		if (httpServletRequest.getMethod().equals(RequestMethod.OPTIONS.name())) {
			httpServletResponse.setStatus(HttpStatus.OK.value());
			return false;
		}
		return super.preHandle(request, response);
	}
}
